Spring RestTemplate: SSL handshake failure

Question

I am trying to consume a restful ws with basic auth. I did not import any cert into my keystore. When I use chrome plugin Advance Rest client to test it (using

Answer 1

From javax.net.debug log I can see that you are using Java 7 and the client resolves to TLSv1. From openssl output that your server does not support TLSv1.

TLS ver. 1.1 and 1.2 are disabled in Java 7 by default.

Although SunJSSE in the Java SE 7 release supports TLS 1.1 and TLS 1.2, neither version is enabled by default for client connections. Some servers do not implement forward compatibility correctly and refuse to talk to TLS 1.1 or TLS 1.2 clients. For interoperability, SunJSSE does not enable TLS 1.1 or TLS 1.2 by default for client connections.

Enable TLSv1.1 and TLSv1.2 either by:

1. JVM argument:

   -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1
   

2. Or set the same property from Java code:

   System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,TLSv1");
   

3. Or install JCE Unlimited Strength policy files for Java 7. I am not 100% sure if this single step would solve the problem although it is always worth to install JCE while it allows JVM to use stronger versions of existing algorithms.

UPDATE 29/Sep/2016:

Order of protocols changed from better to worse (TLS ver. 1.2 to 1) in options 1 and 2.